<?php
include 'config.php';
include 'bb2html.php';

//Clean up
function clean($str) {
  $str = trim($str);
  if (get_magic_quotes_gpc()) {
    $str = stripslashes($str);
  }
  $str = htmlspecialchars($str);
  $str = str_replace("&amp;", "&", $str);
  return str_replace(",", "&#44;", $str);
}

//Variables
$id = $_POST['id'];
$postnum = $_POST['postnum'];
$postnum = $postnum + 1;
$name = $_POST['name'];
$title = clean($_POST['title']);
$youtube = clean($_POST['youtube']);
$comment = clean($_POST['comment']);
$date = date('Y/m/d');
$day = date('D');
$time = date('h:i:s');

//BBCODE
$comment = bb2html($comment);

//If no name make anonymouse
if ($name == "") $name = $noname;

//Trip
function mktripcode($pw)
{
    $pw=mb_convert_encoding($pw,'SJIS','UTF-8');
    $pw=str_replace('&','&amp;',$pw);
    $pw=str_replace('"','&quot;',$pw);
    $pw=str_replace("'",'&#39;',$pw);
    $pw=str_replace('<','&lt;',$pw);
    $pw=str_replace('>','&gt;',$pw);

    $salt=substr($pw.'H.',1,2);
    $salt=preg_replace('/[^.\/0-9:;<=>?@A-Z\[\\\]\^_`a-z]/','.',$salt);
    $salt=strtr($salt,':;<=>?@[\]^_`','ABCDEFGabcdef');

    $trip=substr(crypt($pw,$salt),-10);
    return $trip;
}

list ($names, $tripcode) = explode("#", $name);
if ($tripcode == "") {
} else {
$tripcode = '!'.mktripcode($tripcode).'';
}
$name = clean($_POST['name']);

//Make sure everything is entered ok
if($comment == '') {
echo "No comment link was given";
die();
}

//Set up video
$youtube=str_replace("watch?","/",$youtube);
$youtube=str_replace("=","/",$youtube);
$youtubeembed="<object width='425' height='344'>
<param name='movie' value='".$youtube."&hl=en&color1=0x006699&color2=0x54abd6'></param>
<embed src='".$youtube."&hl=en&color1=0x006699&color2=0x54abd6' type='application/x-shockwave-flash' width='425' height='344'></embed>
</object>";

// Post it
$threadid = "res/$id.php";
$lines = file("$threadid");
array_pop($lines);
$file = join('',$lines);
$fp = fopen("$threadid", "w");
fputs($fp, "$file");
flock($fp, 3);
fclose($fp);

$fp = fopen("$threadid", "a");
fputs($fp, '<table>
<div class="reply">
<h2>'.$title.'</h2>
<div class="replies"> <div class="allreplies">
<h3><span class="replynum">'.$postnum.'</span> Name:  <span class="postername">'.$names.'</span><span class="postertrip">'.$tripcode.'</span> : '.$date.'('.$day.')'.$time.'</h3>
'.$comment.'
</div>
</table>
</tr><hr /><br /></div></div></div></div><p>Name: <input type="text" name="name" /> Title: <input type="text" name="title" /> <input type="submit" value="Reply" /></p><textarea name="comment" rows="6" cols="60"></textarea><input type="hidden" name="postnum" value="'.$postnum.'" /></p></form></body></html>');
flock($fp, 3);
fclose($fp);

//Redirect
header('Location: '.$path.'/res/'.$id.'.php');
?>